If you read MagicalTux's personal blog you'd know to never trust anything he's coded too. http://blog.magicaltux.net/2010/06/27/php-can-do-anything-wh...
And then I read that his hacked-together-in-3-days ssh server was for use in production. In a hosting service.
Wow. Just wow.
That sounds like a brilliant technical guy, capable of running with a daft idea to completion (unlike me, with my collection of at-best-half-built personal projects), who should have some layers of protection between him and Real World Production...
"Now, people who Get Things Done but are not Smart will do stupid things, seemingly without thinking about them, and somebody else will have to come clean up their mess later. "
Inexperienced (young) programmers don't know what's been tried, and what's available. I've been dealing with this a lot at work recently, where we ended up doing poor reimplementations of off-the-shelf stuff due to a mix of ignorance, and honestly, a bit of hubris.
It's a good attitude to have in academia/non-production critical work, but the GP is right, production demands a more conservative approach, especially when money/safety is at stake.
The type of ignorance Joel writes about (see parent) is different, it's more like "slavishly following design patterns" and "writing copy-and-pasted, improperly factored code". Both are ignorance, but the first is better called "NIH", whereas Joel's is, "writing bad code".
It's the "that you wrote" part.
No matter what language you write it in, you are going to mess something up. The OpenSSH guys have messed up working a lot smarter and more diligently and with more time than you have.
They've invested years and many talented people in developing such a piece of software.
If you want to write your own ssh server in php, you should probably consider your motivation and how you can re-use their code or operate through it instead if your purpose if anything other than experimentation.
Its kinda hard to disagree with that conclusion.
I can't say those difficulties he had in using the library were put there on purpose to keep people like him out, but it seems to be a good effect here.
What did I create a ssh server for? The same thing I created a DNS server for fun and for KalyHost.
There was some allusion to needing some kind of database backend for the SSH server, but there are multiple solutions for that now (like LDAP).
I'd love to have this guy work for me in a junior role (because he can really crank out the code), but all his work would need to be reviewed, and I wouldn't want him to be making architectural decisions on his own.
That said, "flawless accounting" would be very high up on my feature list. I think the failure here isn't launching without perfection; it's operating at scale without perfection.
I think minimum feature scope doesn't necessitate poor-quality software, just solutions that don't do everything for everybody. It's much better to ship a small feature set with very high quality, IMO, than a big feature set with low quality.
In the Lean Startup sense, the M is about minimum effort, and the V is about viability with customers. You're basically playing Battleship trying to discover where those two Venn circles overlap.
Different aspects of quality map to both those circles. There's build quality, which relates to the sustainability of the code base. There, you have to consider both short- and long-term quality. 
There's also quality as users perceive it. That varies widely by domain by market, and by how far you are along the adopter curve.
My general answer is the same as yours: minimal features with highly sustainable code. But for experiments, I think you can get away with terrible code as long as you a) throw it away quickly, and b) you are on it so even if you have a bad MTBF, your MTTR is really good.
I also think that you can tactically discard certain kinds of user-side quality. E.g., if I'm making a product for early-adopter financial traders, I'm not going to worry about quality of visual design, and I might inflict hard-to-learn interfaces on them. But I'd be rigorous about accounting and about UI issues that might lead to mistaken trades.
 I wrote some about that here: http://agilefocus.com/2009/06/22/the-3-kinds-of-code/
Or do you mean this as a metaphor for MtGox? In that case, I would say that I would rather miss the window than be the famous asshole who -- oopsie! -- lost $500 million of other people's money.
One of the biggest risks is, "nobody gives a fuck", which is why MVPs are so valuable. It lets you test market hypotheses.
But if you're building something handling real money, then a pretty obvious risk is, "The system will lose money beyond our capacity to absorb losses." Their failure to address that risk here is at best negligence.
But given the size of the loss, I don't think we should rule out fraud. The interesting question is, "When did they know they had a problem?" Sometimes shitty accounting systems are just naiveté. But when they persist over a long period of time in a way that just happens to cover up loss, embezzlement, or theft, then it's worth asking: did they keep the shitty accounting because better accounting would have forced them to admit something they were hoping to cover up?
And still, even 2 weeks ago, tons of people defended MtGox in HN threads, and said how it's a temporary glitch and they are very good exchange and such.
Even when it was pointed to them that it's a service build by a guy with no actual knowledge of exchanges and no prior experience at finance services whatsoever -- a mere PHP developer (not to knock the language) that had done nothing spectacular before (no Carmack, or Fitzpatrick or your favorite coder hero).
People trusted their money to a guy that literary calls himself "MagicalTux" -- which to me seems like investing to the hobo on the corner, people call Crazy Bob.
I'm the last person to defend Karpeles' competency, but his internet alias has nothing to do with it.
Of course you shouldn't.
If you were to here him (well, me) you'd ask for my CV -- if not an interview also.
And if it was like "developed some random toy stuff" you wouldn't hire me to develop a money exchange playing with other people's millions of dollars.
And if you were to assess if you will put $10,000 in a financial online service made by me, my past work in the area, my general competence would be quite important.
Else, don't be surprised if you lost it all. The chances were way higher than if you had put that money in Citibank, you just ignored the signs.
And for me, not giving the impression I'm a 20-something script kiddie with a fancy handle would also be quite important. I mean, it might be prejudice, but "Ives, Rockefeller and Berstein" as a financial service just feels more secure than "$uper7eetMoneyMakah", "LuvFlamingoes" or "MagicalTux".
How do you feel about "Bear Stearns" or "Lehman Brothers"?
"he had been leading the core library development of Android while at Google".
And that he is just but one of the players at Square, including guys like a well known VC and Twitter's cofounder.
If "CrazyBobs" was an unknown in the industry guy and his CV was like "I have done some fun projects, like a PHP mailer" and he was the major person behind the company, no investor would have touched it with a barge pole.
There are a lot of forums on the Internet. It's not confidence-building, at all, to tell people "if you hang out on the right forum you know what's safe." Especially because "the right forum" is not written in stone.
Of course normal frameworks are a no-go. Using
someone else’s framework will make your world
slightly better, but until you create your own
full framework, you won’t understand what I mean.
The next step is to build applications with your
framework. The kind of applications that will
change the world...
If he was not dealing with other people's real money and data this experimentation and shotgun approach would be fine.
Abstract. A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending.
Of course, the coins are only yours if you hold the private keys. A promise of some Japanese exchange to send you an amount of Bitcoin in the future is not the same as owning a Bitcoin.
It's pretty interesting, you should read it.
Many people in the field are very ethical and think that an improvement to the current financial system is of great benefit to humanity.